<?php
/* Script is meant for retrieving messages for specific user's session.
   
   GET parameters:
      - session_id
      
   Return values:
      - panding messages
      
*/

require_once './common/header.php';

// Get mandatory parameters
$session_id = $_GET['session_id'];

// If session id is empty, return false.
if ($session_id == '')
{
   OutputError('Session id has to be provided');
   exit(1);
}

// extract user id from session id
$query = "SELECT user_id FROM user_sessions WHERE session_id='" . mysql_real_escape_string($session_id) . "'";
$user_id = $db->SelectScalar($query);
if ($user_id == false)
{
   OutputError('Incorrect session id');
   exit(1);
}

// get all messages for the user
$query = "SELECT u.username, m.create_time, m.message" .
         " FROM messages m" .
         " JOIN users u ON m.from_user_id=u.id" .
         " WHERE m.to_user_id=$user_id";
$result = $db->Select($query);
while (($row = $db->FetchNext($result)) !== false)
{
   OutputMessage($row[0], $row[1], $row[2]);
}
$db->Free($result);

require_once './common/footer.php';

?>